Skip to main content

Service Fabric

3 CVEs product

Monthly

CVE-2026-56642 HIGH PATCH This Week

Remote code execution in Microsoft Fabric Data Warehouse allows an authenticated attacker to run arbitrary code over the network by triggering a stack-based buffer overflow (CWE-121). The flaw carries a CVSS 8.8 rating with high impact to confidentiality, integrity, and availability, and requires only low-privilege access with no user interaction. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but a vendor patch is available via MSRC.

Buffer Overflow Stack Overflow Microsoft Service Fabric
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-30137 MEDIUM PATCH This Month

Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

RCE Docker Service Fabric
NVD
CVSS 3.1
6.7
EPSS
1.2%
CVE-2020-0902 CRITICAL PATCH Act Now

An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Service Fabric
NVD
CVSS 3.1
9.8
EPSS
2.9%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Microsoft Fabric Data Warehouse allows an authenticated attacker to run arbitrary code over the network by triggering a stack-based buffer overflow (CWE-121). The flaw carries a CVSS 8.8 rating with high impact to confidentiality, integrity, and availability, and requires only low-privilege access with no user interaction. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but a vendor patch is available via MSRC.

Buffer Overflow Stack Overflow Microsoft +1
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

RCE Docker Service Fabric
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Service Fabric
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy